CVE-2025-1636

3/13/2025 1:15:46 PM
دیروز
دیروز
1
Reporter :security@devolutions.net
Modified :3/13/2025 1:15:46 PM
Problem Data :CWE-200

Description

Exposure of sensitive information in My Personnal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personnal Credentials in a shared vault via the clear history feature due to faulty business logic.

EPSS

Epss Score 0
Epss Percentile 0

Note: Consider this fact that the EPSS model relies on historical data and real-world exploit information to calculate the probability of exploitation. When a CVE is newly published, there isn't enough data available to determine its likelihood of being exploited. As a result, the EPSS score defaults to 0 until more information becomes available.